From 10b6a8fff7e6d407421c74889455b969be7f867f Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Thu, 20 Oct 2011 08:15:02 +0200 Subject: Wrap mysql_real_escape_string() in a function Wrap mysql_real_escape_string() in a wrapper function db_escape_string() to ease porting to other databases, and as another step to pulling more of the database code into a central location. This is a rebased version of a patch by elij submitted about half a year ago. Thanks-to: elij Signed-off-by: Lukas Fleischer Conflicts: web/lib/aur.inc.php --- web/html/account.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'web/html/account.php') diff --git a/web/html/account.php b/web/html/account.php index ca05d1a..387fd93 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -111,7 +111,7 @@ if (isset($_COOKIE["AURSID"])) { $q.= "WHERE AccountTypes.ID = Users.AccountTypeID "; $q.= "AND Users.ID = Sessions.UsersID "; $q.= "AND Sessions.SessionID = '"; - $q.= mysql_real_escape_string($_COOKIE["AURSID"])."'"; + $q.= db_escape_string($_COOKIE["AURSID"])."'"; $result = db_query($q, $dbh); if (!mysql_num_rows($result)) { print __("Could not retrieve information for the specified user."); -- cgit v1.2.3-70-g09d2